CentOS 8 and libvirt-daemon iptables rules

ismail yenigül
Oct 13, 2020

I wanted to disable iptables on CentOS 8. I just disabled and stopped firewalld:

# systemctl stop firewalld
# systemctl disable firewalld

Then I rebooted the server. When I issued iptables -L, I could still see the iptables rules. I removed firewalld:

# dnf remove firewalld

Then I rebooted again. The rules still existed!

# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere 192.168.122.0/24 ctstate RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 anywhere
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:bootpc

I was about to prejudge that Linux, which I had been using for years, was not as stable as before, when I checked the running services and found the culprit!

libvirtd.service

This Linux box was installed with full packages. libvirtd is installed and it is modifying the iptables rules.

The solution:

# dnf remove libvirt-daemon

Ismail YENIGUL
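A way to confirm this attribution before removing any package, as an added example that is not part of the original post: the script fingerprints the rule pattern shown above (DNS and DHCP accepts plus forwarding for 192.168.122.0/24) and, with --live, compares it with the state of libvirtd. The function names are hypothetical, the sample is constructed from the output in the post, and it assumes 192.168.122.0/24 is libvirt's default network range.

```shell
#!/bin/sh
# Added example (not from the original post): attribute leftover iptables
# rules to libvirt's default NAT network by their fingerprint.

# Constructed sample, modelled on the `iptables -L` output in the post.
sample_rules() {
cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             udp dpt:domain
ACCEPT     udp  --  anywhere             anywhere             udp dpt:bootps
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  192.168.122.0/24     anywhere
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             udp dpt:bootpc
EOF
}

# Reads `iptables -L` output on stdin. Prints:
#   empty   - only chain headers, no rules loaded
#   libvirt - DNS + DHCP accepts plus a rule for 192.168.122.0/24
#             (assumption: that range is libvirt's default network)
#   unknown - rules exist but do not match that pattern
rule_owner() {
    awk '
        !NF || /^Chain / || /^target / { next }   # skip headers and blanks
        { rules++ }
        /dpt:domain/           { dns = 1 }
        /dpt:bootps/           { dhcp = 1 }
        /192\.168\.122\.0\/24/ { net = 1 }
        END {
            if (!rules)                  print "empty"
            else if (dns && dhcp && net) print "libvirt"
            else                         print "unknown"
        }'
}

# Live check: compare the loaded rules with the state of libvirtd.
check_live() {
    owner=$(iptables -L | rule_owner)
    state=$(systemctl is-active libvirtd 2>/dev/null || true)
    echo "rules look like: $owner; libvirtd is: ${state:-unknown}"
}

# Touch the host only when asked: sh script.sh --live (as root)
if [ "${1:-}" = "--live" ]; then check_live; else sample_rules | rule_owner; fi
```

A result of "unknown" means some other component is loading rules, so removing libvirt-daemon would not clear them.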
